Chronological audit logs
Stephen Smalley
sds at tycho.nsa.gov
Tue Nov 28 21:20:51 UTC 2006
On Tue, 2006-11-28 at 16:06 -0500, Kirkwood, David A wrote:
> Can someone tell me how I can generate a chronological listing between
> 2 dates of all the issues
>
> I have designated to watch in the audit capabilities of the system?
/sbin/ausearch -i -ts "starting date" -te "ending date"
And of course you can use the other options of ausearch to refine that
listing as desired.
> I need to get a system with audit
>
> capability sufficiently palatable to the Defense Department for
> classified use. I currently use Sun
>
> workstations and generate the audit logs via praudit and was looking
> for some way to set up simaller
>
> archived weekly audit logs.
--
Stephen Smalley
National Security Agency
More information about the Linux-audit
mailing list